<%@ Language=VBScript%>
<%		
'Dat lich
	bttlich=Request("bttlich")
	if bttlich<>"" then
		if bttlich="tcuc" then
			Session("bLich")="TCUC"
		end if
		if bttlich="cuc" then
			Session("bLich")="CUC"
		end if
	end if
'HienSX
	sort=Request("sort")
	on error Resume next
	set Conn=server.CreateObject("ADODB.Connection")
	Conn.Open Application("StrConn")

	'Kiem tra trong CSDL Xem co can bo nao khong,neu khong thi tao cho mot Account ban dau co ten la Admin,  co Password=admin
	sSQL="Select top 1 macanbo from canbo"
	Set RecKTCB=server.CreateObject("ADODB.Recordset")
	RecKTCB.CursorType=3
	RecKTCB.CacheSize=5
	RecKTCB.Open sSQL,Conn
	if RecKTCB.EOF and RecKTCB.BOF then
		sSQL="Insert into Canbo(Macanbo,hovaten,ngaysinh,username,password,email,nguoisua,gioitinh,Lock) values("
		sSQL=sSQL+"'A1','Administrator','"& Date() &"','admin','\_hPdiO','admin@','A1',2,0)"
		Conn.Execute sSQL
		'Khoi tao Table Tinh chat
		sSQL="Select * from Tinhchat"
		Set RecKTTT=server.CreateObject("ADODB.Recordset")
		RecKTTT.CursorType=3
		RecKTTT.CacheSize=5
		RecKTTT.Open sSQL,Conn
		if RecKTTT.EOF and RecKTTT.BOF then
			sSQL="insert into Tinhchat(ma,ten) values('01','B&#236;nh th&#432;&#7901;ng')"
			Conn.Execute sSQL
			sSQL="insert into Tinhchat(ma,ten) values('02','Kh&#7849;n - Kh&#244;ng m&#7853;t')"
			Conn.Execute sSQL
			sSQL="insert into Tinhchat(ma,ten) values('03','M&#7853;t')"
			Conn.Execute sSQL
			sSQL="insert into Tinhchat(ma,ten) values('04','M&#7853;t - Kh&#7849;n')"
			Conn.Execute sSQL
		end if
		RecKTTT.Close
		set RecKTTT=nothing
	End if
	RecKTCB.Close
	set RecKTCB=nothing	
	'on error Resume next	
	if Err.number then
		Set Conn=nothing
		Response.Redirect("Error.asp?ErrorCode=2")
	end if
	if Request("bFormMuon")="ok" then
		bTable="Temp"& Session.SessionID
		sSQL="Select Name from sysobjects where name like '"& bTable &"'"
		set RecTB=server.CreateObject("ADODB.Recordset")
		RecTb.CursorType=3
		RecTB.CacheSize=5
		RecTB.Open sSQL,Conn
		if RecTB.RecordCount>0 then
			sSQL="Drop Table "& bTable
			Conn.Execute sSQL
		end if
		RecTB.Close
		set RecTB=nothing
	end if
	bComm=request("bComm")
	if bComm="login" then
		bUsername=request("username")
		bPassword=request("password")
		bPassword=Mahoa(bPassword)
		set RecKT=server.CreateObject("ADODB.recordset")		
		ssql="Select username,password,Macanbo,Hovaten,Lock,Madonvi,mailbox, mailpassword from canbo where username like '"& replace(bUsername,"'","''") &"' and password like '"& bPassword &"'"
		RecKT.CursorType=3
		RecKT.CacheSize=5
		recKT.Open ssql,Conn
		if recKT.RecordCount>0 then
			if RecKT("Lock")=TRUE then
				Session("Started")="no"
				Session("Pass")=""
				Session("Uname")=""
				Session("bMaCB") =""
				Session("bHoten")=""

			else
				Session("Started")="yes"
				Session("Pass")=RecKT("password")
				Session("Uname")=RecKT("username")
				Session("bMaCB")=RecKT("macanbo")
				Session("bHoten")=RecKT("Hovaten")
				Session("Password")=request("password")				
				'bg thphuc 25-02-03
				Session("bMaDonVi")=RecKT("madonvi")
				Session("mailpass")=RecKT("mailpassword")
				Session("mailbox")=RecKT("mailbox")

				'ed thphuc 25-02-03
				if  Session("Uname")="admin" then
					Session("IsAdmin") =true
				else
					Set recQuyenCode=server.CreateObject("ADODB.recordset")
					'sqlQuyen="SELECT a.quyen_code FROM dsquyen a,dsquyen_nhomquyen b,nhomquyen c,canbo_nhomquyen d WHERE a.quyen_id=b.quyen_id and b.nhom_id=c.nhom_id and c.nhom_id=d.nhom_id and d.macanbo='"& RecKT("macanbo")&"'"
					'bg thphuc 25-02-2003
					sqlQuyen="SELECT a.quyen_code FROM dsquyen a,dsquyen_nhomquyen b,nhomquyen c,canbo_nhomquyen d WHERE a.quyen_id=b.quyen_id and b.nhom_id=c.nhom_id and c.nhom_id=d.nhom_id and d.macanbo='"& RecKT("macanbo")&"' union select a.quyen_code from dsquyen a,canbo_dsquyen b where a.quyen_id=b.quyen_id and b.macanbo like '"& RecKT("macanbo")&"'"
					'ed thphuc 25-02-2003
					recQuyenCode.CursorType=3
					recQuyenCode.CacheSize=5
					recQuyenCode.Open sqlQuyen,Conn
					Do while not recQuyenCode.EOF
						Session("Permision")=Session("ClsFun").GepChuoi(Session("Permision"),recQuyenCode("quyen_code"))
						recQuyenCode.MoveNext 
					Loop
					if Session("Permision")="" then
						Session("Permision")="F1-1"	'De NSD co the log vao 1 so form nhat dinh
					end if
					recQuyenCode.Close
					Set recQuyenCode=nothing
				end if
			end if

			Session("TRUE_SESSION")=true
			
			'Ghi nhan Ai da login thanh cong
			bHoten=Session("bHoten")
			bNgaygio=cstr(Date()) &" "& cstr(Time())
			bChucnang="Truy nh&#7853;p h&#7879; th&#7889;ng"
			bIDTailieu=""
			bTrangthai=1
			bDongtac="Login"
			sSQL="insert into loguser(Tennguoisudung,ngaygio,chucnangdung,dongtac,IDTailieu,Trangthai) Values('"& bHoten _
				&"','"& bNgaygio &"','"& bChucnang &"','"& bDongtac &"','"& bIDTailieu &"','"& bTrangthai &"')"
			Conn.Execute sSQL
		else
			Session("Started")="no"
			Session("Pass")=""
			Session("Uname")=""
			Session("bMaCB") =""
			Session("bHoten")=""
		end if
	end if
	if bComm="restart" then
		Session("Started")="no"
		Session("Pass")=""
		Session("Uname")=""
		Session("bMaCB") =""

		Session("Permision")=""
		Session("IsAdmin")=false
		Session("bChucnang")=1
		Session("FormName")=""
		Session("VanBan")=""
		Session("Attach")=""

		Session("Year")=DateAdd("m",-3,Date)
		Session("sSQLDen")=""
		Session("sSQLDi")=""
		Session("sSQLQD")=""
		session("bIn")="OFF"
		'bg thphuc 25-02-03
		Session("bMaDonVi")=""
		Session("mailbox")=""
		Session("mailpass")=""
		'ed thphuc 25-02-03
	end if
%>
<script language=vbscript runat=server>
	'****** Ma hoa xau********
	Function Mahoa(msText)
	    Dim nC
	    Dim lI
	    Dim lJ
	    Dim nK
	    Dim lA
	    Dim sB
	    lA = Len(msText)
	    sB = Space(lA + (lA + 2) \ 3)
	    For lI = 1 To lA
	        nC = Asc(Mid(msText, lI, 1))
	        lJ = lJ + 1
			sB=Mid(sB,1, lJ-1) & Chr((nC And 63) + 59) & Mid(sB,lJ+1,len(sB)-lJ)				        
	        Select Case lI Mod 3
	        Case 1
	            nK = nK Or ((nC \ 64) * 16)
	        Case 2
	            nK = nK Or ((nC \ 64) * 4)
	        Case 0
	            nK = nK Or (nC \ 64)
	            lJ = lJ + 1
	            sB=Mid(sB,1,lJ-1) & Chr(nK + 59)	& Mid(sB,lJ+1,Len(sB)-lJ)   
	            nK = 0
	        End Select
	    Next
	    If lA Mod 3 Then
	        lJ = lJ + 1
	        sB=Mid(sB,1,lJ-1) & Chr(nK + 59) & Mid(sB,lJ+1,len(sB)-lJ)
	    End If
	    Mahoa = sB
	End Function

</script>
<!-- <FRAMESET cols="160,6,*" FRAMEBORDER=0 border=0> -->
<FRAMESET FRAMEBORDER="0" BORDER="0" FRAMESPACING="0" COLS="160,6,*" NAME="vbalFrameset">
	<FRAME SRC="left.ASP" NAME="left" scrolling="auto">
	<% if Session("Started")="yes" then%>
		<FRAME MARGINWIDTH="0" MARGINHEIGHT="0" SRC="toggle.html" NAME="vbatogbar" NORESIZE SCROLLING="NO">
		<%if request("formname")="dkvv" then
			if request("LoaiVt")="1" then%>
<!-- Hiensx -->
				<FRAME SRC="Xuly/frmdsvtden.asp?sort=<%=sort%>" NAME="right" MARGINHEIGHT=15 MARGINWIDTH=20 >
			<%end if
			if request("LoaiVt")="2" then%>
<!-- Hiensx -->
				<FRAME SRC="Xuly/frmdsvtdi.asp?sort=<%=sort%>" NAME="right" MARGINHEIGHT=15 MARGINWIDTH=20 >
			<%end if
			if request("LoaiVt")="5" then%>
<!-- Hiensx -->
				<FRAME SRC="Xuly/frmdsvtQuyetdinh.asp?sort=<%=sort%>" NAME="right" MARGINHEIGHT=15 MARGINWIDTH=20 >
			<%end if%>
		<%end if%>
		<%if request("formname")="tdvv" then%>
			<FRAME SRC="Xuly/frmvuviec.asp" NAME="right" MARGINHEIGHT=15 MARGINWIDTH=20 >
		<%end if%>
		<%if request("formname")="phannhom" then%>
			<FRAME SRC="capnhat/frmnhom.asp" NAME="right" MARGINHEIGHT=15 MARGINWIDTH=20 >
		<%end if%>
		<%if request("formname")="phannhomquyen" then%>
			<FRAME SRC="capnhat/frmnhomquyen.asp" NAME="right" MARGINHEIGHT=15 MARGINWIDTH=20 >
		<%end if%>
		<%if request("formname")="canbo" then%>
			<FRAME SRC="capnhat/frmcanbo.asp" NAME="right" MARGINHEIGHT=15 MARGINWIDTH=20 >
		<%end if%>
		<%if request("chuyendi")="ok" then%>
			<%				
				Session("bND")=Request("bNoidung")				
			%>
			<FRAME SRC="Xuly/frmvtdi.asp?chuyendi=ok&bcomm=add&bSubject=<%=request("bSubject")%>" NAME="right" MARGINHEIGHT=15 MARGINWIDTH=20 >
		<%end if%>
		<%if request("Folder")="ok" then%>
			<FRAME SRC="giaoban/folder.asp?bNhom=<%=Request("bNhom")%>&bLoai=<%=request("bLoai")%>" NAME="right" MARGINHEIGHT=15 MARGINWIDTH=20 >
		<%end if%>
		<%if request("tonghop")="ok" then%>
			<FRAME SRC="giaoban/tonghop.asp?bNhom=<%=Request("bNhom")%>&bLoai=<%=request("bLoai")%>" NAME="right" MARGINHEIGHT=15 MARGINWIDTH=20 >
		<%end if%>
		<%if request("formname")="" then%>
			<FRAME SRC="maint.asp" NAME="right" MARGINHEIGHT=15 MARGINWIDTH=20 >
		<%end if%>
	<%end if%>
	<% if Session("Started")="no" or Session("Started")="" then%>		
		<FRAME MARGINWIDTH="0" MARGINHEIGHT="0" SRC="toggle.html" NAME="vbatogbar" NORESIZE SCROLLING="NO" scrolling="auto">
		<FRAME SRC="login/login.asp?bComm=<%=bComm%>&username=<%=bUsername%>&password=<%=bPassword%>" NAME="right" MARGINHEIGHT=15 MARGINWIDTH=20 >
	<%end if%>
	
	<NOFRAMES></NOFRAMES>
</FRAMESET>
<%	Conn.Close
	set Conn=nothing
%>
